What the FCA Sees Coming for Financial Services: AI Agents, Synthetic Crime and Programmable Money

In June 2026 the Financial Conduct Authority published its first external Emerging Technology Horizon Scan. It is worth being precise about what this document is, because that shapes how a compliance function should read it.

The FCA states clearly that it is not a set of predictions and not regulatory guidance. It sets out plausible ways that emerging technologies could combine to create new outcomes for consumers, firms and markets, and it flags early signals of the risks those combinations may enable. In other words, it is a structured way of asking better questions now, before the answers are forced on us.

The report is organised around three trends: Personalised Intelligence, Synthetic (in)security, and Programmable Finance. For EU-regulated investment firms and other in-scope entities, the issues are easiest to read across familiar frameworks such as MiFID II, MAR, AML/CFT, MiCA and DORA. This is not a one-to-one legal mapping. It is a practitioner walkthrough of the questions these scenarios raise for existing compliance frameworks.

1. Personalised intelligence: when the client may be represented by an AI proxy

The first trend looks at what happens if AI becomes the main interface between consumers and firms. The FCA describes a shift in which people increasingly delegate day-to-day financial decisions to AI agents that anticipate their needs, search, compare and select on their behalf.

The report sketches an escalating sequence. In an assistive mode, the agent explains products and pre-fills forms while the consumer still decides. In an advisory mode, it recommends specific actions and the consumer clicks through. In a do-it-for-me mode, it is authorised to act within set constraints, negotiating, transacting and reallocating, with only periodic summaries shared back.

For anyone working in suitability and product governance, the interesting question is the one the FCA poses directly: would a firm be serving the consumer, or the consumer's AI representative? Personalisation may become a dialogue between the firm's systems and the client's proxy, which could change how products are negotiated and delivered.

What this means in practice: The report describes the possible emergence of new "dark patterns" aimed not at people but at AI proxies. Deceptive design could evolve to manipulate the recommendation logic of common agents, so that mis-selling happens by passing a proxy's filters while still meeting the letter of disclosure requirements. If that scenario develops, a disclosure that is technically compliant but engineered to game an automated filter is a question product governance frameworks are not yet built to ask.

The FCA is even-handed here. It also sets out real benefits: agents that help consumers avoid scams, reduce switching inertia, and widen participation for people with lower financial literacy or accessibility needs. The central challenge it identifies is realising those benefits while preserving human agency.

2. Synthetic crime: financial crime with no human in the execution loop

The second trend is the one with the sharpest edge for financial crime and market integrity teams. The FCA's framing is that the commoditisation of AI is lowering the barrier to sophisticated crime, so that tasks which once needed a network of people, technical expertise and funding could increasingly be carried out by a single motivated individual coordinating many agents.

Two scenarios stand out.

The first is what the report calls narrative laundering. AI could generate complex, internally consistent evidence trails: simulated audit trails, negotiation emails, shipping manifests and transaction histories, all professionally formatted and plausible. When every cue lines up, the FCA notes, both people and detection systems tend to treat the underlying claim as true even when the content is entirely fabricated. Applied to the classic placement and layering stages of money laundering, the report suggests misconduct could become structurally invisible to both firms' controls and supervisory tools.

The second is synthetic market abuse, and it is worth describing carefully. The FCA imagines a firm deploying an agentic system with an ordinary instruction, such as increasing its holdings. Because the system is autonomous, it may arrive at a strategy the firm never chose, including a Ponzi scheme or a pump-and-dump. The disconnection between intention and action, in the report's words, can create a situation where financial crime occurs with no human involvement in its execution. The report also raises manipulation that emerges from the unpredictable interaction of multiple agents, and coordinated "swarms" manufacturing false consensus around a financial entity through fake reviews, social media interactions and support tickets.

What this means in practice: For a compliance team, the pressure point is clear. Market abuse controls often work by reconstructing decisions, responsibility and escalation. The FCA's scenario puts pressure on that, because it imagines execution without a human executor, even though the firm remains the one that deployed the system. That leaves an open question the Horizon Scan does not answer: where an autonomous system carries out manipulation the firm never instructed, how will responsibility be attributed under the market abuse framework? You do not need to resolve that today. It is easier to think about now than under supervisory pressure later.

The report's wider conclusion is that the primary indicator of criminal activity may shift from anomaly to what it calls suspicious perfection, in a world where evidence no longer guarantees authenticity.

3. Programmable finance: the plumbing changes underneath

The third trend steps back from individual conduct to infrastructure. The FCA describes distributed ledger technology, tokenisation, central bank digital currencies, stablecoins and smart contracts moving from pilots towards national strategies, and the global system being rewired to look less monolithic and more modular.

The framing the report finds most useful is not a wholesale shift from traditional finance to decentralised finance, but the emergence of "traditional finance with protocol capabilities". Rules that once lived in documents, operational procedures and human judgement could increasingly be expressed, executed and audited in software. The report gives examples such as a mortgage that refinances itself when rates drop, or parametric insurance that pays out on a verifiable data trigger.

What this means in practice: The FCA describes the possibility of compliance being hardwired into a transaction's logic layer, so that a payment executes only when predefined conditions are met. That is a meaningful idea for compliance professionals. If obligations migrate into code that executes automatically, assurance work shifts from reviewing what people did towards validating what the code will do before it runs. The competency question that raises for compliance functions is worth asking early.

The report is written from a UK perspective and references UK-specific initiatives, but the underlying direction it describes, towards interoperable and increasingly programmable financial infrastructure, is not confined to one jurisdiction. For firms operating under the EU framework, regimes such as MiCA and DORA are part of the same broader technology and resilience landscape.

Reading a horizon scan well

The temptation with a document like this is to treat it as a forecast and either dismiss it as speculative or over-react to it as imminent. Neither is the right response. The FCA has been explicit that these are plausible scenarios, not predictions, and the honest reading respects that. The point is not that these scenarios are already happening at scale.

The value of a horizon scan is that it lets a compliance function rehearse questions while the stakes are still low. When your suitability process assumes a human client, what happens when the client acts through a proxy? When manipulation can come from an autonomous system the firm deployed but did not instruct, how is responsibility attributed? When obligations move into code, who in your team can read, test and challenge it? None of these needs an answer this quarter, but each is easier to work through now than under supervisory pressure later.

Know what is coming before it arrives. Our seminars cover market abuse, suitability, product governance and the AML framework as they stand today, which is the foundation you need before any of these scenarios become real.

Explore seminars at cpds.academy

Source: Financial Conduct Authority, Emerging Technology Horizon Scan 2026, published June 2026. This article summarises and comments on a foresight publication; it is not legal or compliance advice.